CVE-2017-7945 Information

Description

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://security.paloaltonetworks.com/CVE-2017-7945

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

9.8

Base Severity

HIGH
